// Protocol padding for traffic obfuscation

use rand::Rng;

const PADDING_CHARS: &[u8] = b"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";

pub struct Padding {
    min: usize,
    max: usize,
}

impl Padding {
    pub fn new(min: usize, max: usize) -> Self {
        Self { min, max }
    }

    pub fn generate(&self) -> Vec<u8> {
        let mut rng = rand::thread_rng();
        let len = rng.gen_range(self.min..self.max);
        let mut padding = vec![0u8; len];
        
        for byte in &mut padding {
            *byte = PADDING_CHARS[rng.gen_range(0..PADDING_CHARS.len())];
        }
        
        padding
    }
}

// Predefined padding configurations
pub const AUTH_REQUEST_PADDING: Padding = Padding { min: 256, max: 2048 };
pub const AUTH_RESPONSE_PADDING: Padding = Padding { min: 256, max: 2048 };
pub const TCP_REQUEST_PADDING: Padding = Padding { min: 64, max: 512 };
pub const TCP_RESPONSE_PADDING: Padding = Padding { min: 128, max: 1024 };

#[cfg(test)]
mod tests {
    use super::*;

    #[test]
    fn test_padding_generation() {
        let padding = Padding::new(10, 20);
        let result = padding.generate();
        
        assert!(result.len() >= 10);
        assert!(result.len() < 20);
        
        // Check all bytes are valid padding chars
        for &byte in &result {
            assert!(PADDING_CHARS.contains(&byte));
        }
    }
}
